Home
  •  

特权日志文件数据源

Microsoft.Unix.SCXLog.Privileged.Datasource (DataSourceModuleType)

此数据源从日志文件筛选出与正则表达式匹配的行。

Element properties:

TypeDataSourceModuleType
IsolationAny
AccessibilityPublic
RunAsDefault
OutputTypeSystem.BaseData

Member Modules:

ID Module Type TypeId RunAs 
DS DataSource Microsoft.Unix.SCXLog.VarPriv.DataSource Default

Overrideable Parameters:

IDParameterTypeSelectorDisplay NameDescription
Hoststring$Config/Host$主机日志文件驻留的主机。
LogFilestring$Config/LogFile$日志文件日志文件路径。
RegExpFilterstring$Config/RegExpFilter$正则表达式筛选器用于筛选日志文件记录的正则表达式。
IndividualAlertsbool$Config/IndividualAlerts$IndividualAlerts此数据源模块的默认行为是在 UNIX/Linux 日志文件中搜索匹配规则的行,并以单个警报方式呈现所有匹配项。如果 "Individual Alert" 属性设置为 "True",则模块将为日志文件中与规则匹配的每个行生成单个警报。

Source Code:

<DataSourceModuleType ID="Microsoft.Unix.SCXLog.Privileged.Datasource" Accessibility="Public" Batching="true">

  <Configuration>

    <xsd:element name="Host" type="xsd:string"/>

    <xsd:element name="LogFile" type="xsd:string"/>

    <xsd:element name="RegExpFilter" type="xsd:string" minOccurs="0"/>

    <xsd:element name="IndividualAlerts" type="xsd:boolean" minOccurs="0"/>

  </Configuration>

  <OverrideableParameters>

    <OverrideableParameter ID="Host" ParameterType="string" Selector="$Config/Host$"/>

    <OverrideableParameter ID="LogFile" ParameterType="string" Selector="$Config/LogFile$"/>

    <OverrideableParameter ID="RegExpFilter" ParameterType="string" Selector="$Config/RegExpFilter$"/>

    <OverrideableParameter ID="IndividualAlerts" ParameterType="bool" Selector="$Config/IndividualAlerts$"/>

  </OverrideableParameters>

  <ModuleImplementation>

    <Composite>

      <MemberModules>

        <DataSource TypeID="Microsoft.Unix.SCXLog.VarPriv.DataSource" ID="DS">

          <Host>$Config/Host$</Host>

          <LogFile>$Config/LogFile$</LogFile>

          <UserName>$RunAs[Name="Microsoft.Unix.PrivilegedAccount"]/UserName$</UserName>

          <Password>$RunAs[Name="Microsoft.Unix.PrivilegedAccount"]/Password$</Password>

          <RegExpFilter>$Config/RegExpFilter$</RegExpFilter>

          <IndividualAlerts>$Config/IndividualAlerts$</IndividualAlerts>

        </DataSource>

      </MemberModules>

      <Composition>

        <Node ID="DS"/>

      </Composition>

    </Composite>

  </ModuleImplementation>

  <OutputType>System!System.BaseData</OutputType>

</DataSourceModuleType>